shell bypass 403
Cubjrnet7 Shell
: /home/eklavya/backups/joomla3oldsite/components/com_youtubegalleryV25May18/includes/ [ drwxr-xr-x ]
<?php
class VideoSource_YouTube
{
function extractYouTubeID($youtubeURL)
{
if(!(strpos($youtubeURL,'://youtu.be')===false) or !(strpos($youtubeURL,'://www.youtu.be')===false))
{
//youtu.be
$list=explode('/',$youtubeURL);
if(isset($list[3]))
return $list[3];
else
return '';
}
else
{
//youtube.com
$arr=$this->parse_query($youtubeURL);
return $arr['v'];
}
}
function getVideoData($videoid,$customimage,$customtitle,$customdescription, $video_showtitle_nav_or_active,$video_showdescription,$thumbnailcssstyle)
{
$theTitle='';
$Description='';
$theImage='';
if($customimage!='')
$theImage=$customimage;
else
$theImage=VideoSource_YouTube::getYouTubeImageURL($videoid,$thumbnailcssstyle);
if($video_showtitle_nav_or_active or $video_showdescription)
{
/*
if($customtitle!='' and $customdescription!='')
{
$theTitle=$customtitle;
$Description=$customdescription;
return array(
'videosource'=>'youtube',
'videoid'=>$videoid,
'imageurl'=>$theImage,
'title'=>$theTitle,
'description'=>$Description
);
}
else
{*/
$theData=VideoSource_YouTube::getYouTubeVideoData($videoid);
if($customtitle!='')
$theTitle=$customtitle;
else
$theTitle=$theData[0];
if($customdescription!='')
$Description=$customdescription;
else
$Description=$theData[1];
return array(
'videosource'=>'youtube',
'videoid'=>$videoid,
'imageurl'=>$theImage,
'title'=>$theTitle,
'description'=>$Description,
'publisheddate'=>$theData[2],
'duration'=>$theData[3],
'rating_average'=>$theData[4],
'rating_max'=>$theData[5],
'rating_min'=>$theData[6],
'rating_numRaters'=>$theData[7],
'statistics_favoriteCount'=>$theData[8],
'statistics_viewCount'=>$theData[9],
'keywords'=>$theData[10]
);
//}
}
else
return array('videosource'=>'youtube', 'videoid'=>$videoid, 'imageurl'=>$theImage,'title'=>'','description'=>'');
}
function getYouTubeImageURL($videoid,$thumbnailcssstyle)
{
if($thumbnailcssstyle == null)
return 'http://img.youtube.com/vi/'.$videoid.'/default.jpg';
//get bigger image if size of the thumbnail set;
$a=str_replace(' ','',$thumbnailcssstyle);
if(strpos($a,'width:')===false and strpos($a,'height:')===false)
return 'http://img.youtube.com/vi/'.$videoid.'/default.jpg';
else
return 'http://img.youtube.com/vi/'.$videoid.'/0.jpg';
}
function getYouTubeVideoData($videoid)
{
if(phpversion()<5)
return "Update to PHP 5+";
//if(!ini_get('allow_url_fopen'))
//return 'Set "allow_url_fopen=on" in PHP.ini file.';
try{
//$url = 'http://gdata.youtube.com/feeds/api/videos/'.$videoid;
//echo '<!-- ';
//$value=eval('
$url = 'http://gdata.youtube.com/feeds/api/videos/'.$videoid;
//$url ='http://compass.com.pa';
$doc = new DOMDocument;
//$doc->load($url);
$htmlcode=VideoSource_YouTube::get_data_curl($url);
//echo '------------------------------------------------------------------------------------------------------------';
//echo '$url='.$url.'<br/>';
//echo $htmlcode;
//echo '------------------------------------------------------------------------------------------------------------';
if(strpos($htmlcode,'<?xml version')===false)
{
if(strpos($htmlcode,'Invalid id')===false)
{
//Cannot Connect to Youtube Server
$pair=array('Cannot Connect to Youtube Server','','','0','0','0','0','0','0','0','');
}
else
{
//Invalid id, video not found
$pair=array('Invalid id','Invalid id','','0','0','0','0','0','0','0','');
}
return $pair;
}
$doc->loadXML($htmlcode);
$tplusd =$doc->getElementsByTagName("title")->item(0)->nodeValue;
$tplusd.="<!--and-->";
$tplusd.=$doc->getElementsByTagName("description")->item(0)->nodeValue;
$tplusd.="<!--and-->";
$tplusd.=$doc->getElementsByTagName("published")->item(0)->nodeValue;
$tplusd.="<!--and-->";
$tplusd.=$doc->getElementsByTagName("duration")->item(0)->getAttribute("seconds");
$RatingElement=$doc->getElementsByTagName("rating");
if($RatingElement->length>0)
{
$re0=$RatingElement->item(0);
$tplusd.="<!--and-->";
$tplusd.=$re0->getAttribute("average");
$tplusd.="<!--and-->";
$tplusd.=$re0->getAttribute("max");
$tplusd.="<!--and-->";
$tplusd.=$re0->getAttribute("min");
$tplusd.="<!--and-->";
$tplusd.=$re0->getAttribute("numRaters");
}
else
$tplusd.="<!--and-->0<!--and-->0<!--and-->0<!--and-->0";
$StatElement=$doc->getElementsByTagName("statistics");
if($StatElement->length>0)
{
$se0=$StatElement->item(0);
$tplusd.="<!--and-->";
$tplusd.=$se0->getAttribute("favoriteCount");
$tplusd.="<!--and-->";
$tplusd.=$se0->getAttribute("viewCount");
}
else
$tplusd.="<!--and-->0<!--and-->0";
$tplusd.="<!--and-->";
$tplusd.=$doc->getElementsByTagName("keywords")->item(0)->nodeValue;
$value=$tplusd;
//return $tplusd;');
//echo ' --> ';
}
catch(Exception $e)
{
//$description='cannot get youtibe video data';
return 'cannot get youtube video data';
}
$pair=explode('<!--and-->',$value);
if(count($pair)!=11)
$pair=array();
return $pair;
}
function get_data_curl($url)
{
$ch = curl_init();
$timeout = 5;
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
function renderYouTubePlayer($options,&$row)
{
$settings=array();
$settings[]=array('autoplay',(int)$options['autoplay']);
$settings[]=array('hl','en');
$settings[]=array('fs','1');
$settings[]=array('showinfo',$options['showinfo']);
$settings[]=array('iv_load_policy','3');
$settings[]=array('rel',$options['relatedvideos']);
$settings[]=array('loop',(int)$options['repeat']);
$settings[]=array('border',(int)$options['border']);
if($options['color1']!='')
$settings[]=array('color1',$options['color1']);
if($options['color2']!='')
$settings[]=array('color2',$options['color2']);
if($options['controls']!='')
{
$settings[]=array('controls',$options['controls']);
if($options['controls']==0)
$settings[]=array('version',3);
}
if($row->muteonplay)
$options['playertype']=2; //becouse other types of player doesn't support this functionality.
$playerapiid='ygplayerapiid_'.$row->id;
$playerid='youtubegalleryplayerid_'.$row->id;
if($options['playertype']==2)
{
//Player with Flash availability check
$settings[]=array('playerapiid','ygplayerapiid_'.$playerapiid);
$settings[]=array('enablejsapi','1');
}
if((int)$options['width']==0)
$options['width']=400;
if((int)$options['height']==0)
$options['height']=200;
VideoSource_YouTube::ApplyYoutubeParameters($settings,$options['youtubeparams']);
$settingline=VideoSource_YouTube::CreateParamLine($settings);
$result='';
$p=explode(';',$options['youtubeparams']);
$playlist='';
foreach($p as $v)
{
$pair=explode('=',$v);
if($pair[0]=='playlist')
$playlist=$pair[1];
}
if($options['playertype']==1) //new HTML 5 player
{
//new player
$result.='
<iframe width="'.$options['width'].'" height="'.$options['height'].'" '
.'src="https://www.youtube.com/embed/'.$options['videoid'].'?'.$settingline.'" '
.'frameborder="'.(int)$options['border'].'" '
.'id="'.$playerid.'" '
.($row->responsive==1 ? 'onLoad="YoutubeGalleryAutoResizePlayer'.$row->id.'();"' : '').'
>'
.'</iframe>';
}
elseif($options['playertype']==0 or $options['playertype']==3) //Flash AS3.0 Player
{
//Old player
$pVersion=($options['playertype']==0 ? '3': '2');
$result.='
<iframe width="'.$options['width'].'" height="'.$options['height'].'" '
.'src="https://www.youtube.com/embed/'.$options['videoid'].'?'.$settingline.'" '
.'frameborder="'.(int)$options['border'].'" '
.'id="'.$playerid.'" '
.($row->responsive==1 ? 'onLoad="YoutubeGalleryAutoResizePlayer'.$row->id.'();"' : '').'
>'
.'</iframe>';
}
elseif($options['playertype']==2 or $options['playertype']==4) //Flash Player with detection 3 and 2
{
$pVersion=($options['playertype']==2 ? '3': '2');
$initial_volume=(int)$row->volume;
if($initial_volume>100)
$initial_volume=100;
if($initial_volume<-1)
$initial_volume=-1;
//Old player
$result_head='
<!-- Youtube Gallery - Youtube Flash Player With Detection -->
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/swfobject/2/swfobject.js" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
google.load("swfobject", "2");
function onYouTubePlayerReady(playerId) {
ytplayer = document.getElementById("'.$playerid.'");
'.($row->muteonplay ? 'ytplayer.mute();' : '').'
'.($initial_volume!=-1 ? 'setTimeout("changeVolumeAndPlay(\'"+playerId+"\')", 750);' : '').'
}
'.($initial_volume!=-1 ? '
function changeVolumeAndPlay(playerId) {
ytplayer = document.getElementById("'.$playerid.'");
if(ytplayer) {
ytplayer.setVolume('.$initial_volume.');
'.($row->autoplay ? 'ytplayer.playVideo();' : '').'
}
}
' : '').'
//]]>
</script>
<!-- end of Youtube Gallery - Youtube Flash Player With Detection -->
';
$result.='
<div id="'.$playerapiid.'">You need Flash player 8+ and JavaScript enabled to view this video.</div>
<script type="text/javascript">
//<![CDATA[
var params = { allowScriptAccess: "always", wmode: "transparent" };
var atts = { id: "'.$playerid.'" };
swfobject.embedSWF("http://www.youtube.com/v/'.$options['videoid'].'?version='.$pVersion.'&'.$settingline.'","'.$playerapiid.'", "'.$options['width'].'", "'.$options['height'].'", "8", null, null, params, atts);
//]]>
</script>';
$document =& JFactory::getDocument();
$document->addCustomTag($result_head);
}
return $result;
}
function ApplyYoutubeParameters(&$settings,$youtubeparams)
{
if($youtubeparams=='')
return;
$a=str_replace("\n",'',$youtubeparams);
$a=trim(str_replace("\r",'',$a));
$l=explode(';',$a);
foreach($l as $o)
{
if($o!='')
{
$pair=explode('=',$o);
if(count($pair)==2)
{
$option=trim(strtolower($pair[0]));
$found=false;
for($i=0;$i<count($settings);$i++)
{
if($settings[$i][0]==$option)
{
$settings[$i][1]=$pair[1];
$found=true;
break;
}
}
if(!$found)
$settings[]=array($option,$pair[1]);
}//if(count($pair)==2)
}//if($o!='')
}
}
function CreateParamLine(&$settings)
{
$a=array();
foreach($settings as $s)
$a[]=$s[0].'='.$s[1];
return implode('&',$a);
}
}
?>